[Bug 1087] New: Window Tracking not disabled
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Tue Oct 4 09:12:59 CEST 2016
https://bugzilla.netfilter.org/show_bug.cgi?id=1087
Bug ID: 1087
Summary: Window Tracking not disabled
Product: conntrack-tools
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: conntrack-daemon
Assignee: netfilter-buglog at lists.netfilter.org
Reporter: mat999 at gmail.com
Hi,
I have been conducting testing and I noticed that Window Tracking does not
appear to be disabled on a per connection level upon receipt.
Kernel: 4.1.17
Version: v1.4.3
To Replicate:
First ensure Configuration contains "TCPWindowTracking Off"
Ensure that /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal is set to
"0"
Sync'ed connections out of window will fail. I tested this by triggering a BGP
PoP switch.
Then Set /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal to "1".
It now works.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20161004/502ee3bc/attachment.html>
More information about the netfilter-buglog
mailing list